Set-IPBlockListConfig (RTM)

Article
01/23/2017

Microsoft Exchange Server 2007 will reach end of support on April 11, 2017. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.

Applies to: Exchange Server 2007

Use the Set-IPBlockListConfig cmdlet to modify the IP Block list configuration on a computer that has the Edge Transport server role or the Hub Transport server role installed.

Syntax

Set-IPBlockListConfig [-DomainController <Fqdn>] [-Enabled <$true | $false>] [-ExternalMailEnabled <$true | $false>] [-Instance <IPBlockListConfig>] [-InternalMailEnabled <$true | $false>] [-MachineEntryRejectionResponse <AsciiString>] [-StaticEntryRejectionResponse <AsciiString>]

Detailed Description

The IP Block list is used by the Connection Filter agent.

To run the Set-IPBlockListConfig cmdlet, the account you use must be delegated the following:

Exchange Server Administrator role and local Administrators group for the target server

To run the Set-IPBlockListConfig cmdlet on a computer that has the Edge Transport server role installed, you must log on by using an account that is a member of the local Administrators group on that computer.

For more information about permissions, delegating roles, and the rights that are required to administer Microsoft Exchange Server 2007, see Permission Considerations.

Parameters

Parameter	Required	Type	Description
DomainController	Optional	Microsoft.Exchange.Data.Fqdn	To specify which domain controller writes this configuration change for the connection filtering configuration data to Active Directory directory service, include the DomainController parameter on the command. If you are running this command on a computer that has the Edge Transport server role installed, the DomainController parameter is not supported. The Edge Transport server role writes only to the local ADAM instance.
Enabled	Optional	System.Boolean	Valid input for the Enabled parameter is `$true` or `$false`. The default setting is `$true`. When the Enabled parameter is set to `$true`, connection filtering is enabled on the computer where you are running the Set-IPBlockListConfig command.
ExternalMailEnabled	Optional	System.Boolean	Valid input for the ExternalMailEnabled parameter is `$true` or `$false`. The default setting is `$true`. When the ExternalMailEnabled parameter is set to `$true`, all messages from connections outside the Exchange organization are passed through the Connection Filter agent for processing.
Instance	Optional	Microsoft.Exchange.Data.Directory.SystemConfiguration.IPBlockListConfig	The Instance parameter lets you to pass an entire object to the command to be processed. It is mainly used in scripts where an entire object must be passed to the command.
InternalMailEnabled	Optional	System.Boolean	Valid input for the InternalMailEnabled parameter is `$true` or `$false`. The default setting is `$false`. When the InternalMailEnabled parameter is set to `$true`, all messages from senders inside to your Exchange organization are passed through the Connection Filter agent for processing. Authenticated partner messages are not considered internal mail.
MachineEntryRejectionResponse	Optional	Microsoft.Exchange.Data.AsciiString	This parameter lets you create customized responses for messages that are blocked by the Microsoft Block List service. This service, which is provided by Microsoft, is an IP Block list that is offered exclusively to Exchange 2007 customers. You can choose to implement and use the IP Reputation Service in addition to other real-time block list services. Enter the message body that you want delivered in the non-delivery report (NDR) to senders. Do not exceed 240 characters in the argument. When you pass an argument, you must enclose the MachineEntryRejectionResponse parameter in double quotation marks if the phrase contains spaces as follows, for example: "Message rejected".
StaticEntryRejectionResponse	Optional	Microsoft.Exchange.Data.AsciiString	This parameter lets you create a customized response for messages that are blocked by the IP Block list on the Connection Filter agent. Do not exceed 240 characters in the argument. When you pass an argument, you must enclose the StaticEntryRejectionResponse parameter in double quotation marks if the phrase contains spaces as follows, for example: "Message rejected".

Input Types

Return Types

Errors

Error	Description

Example

The following code example shows how to use the Set-IPBlockListConfig command to specify which domain controller writes the configuration change for the connection filtering configuration data to Active Directory.

Set-IPBlockListConfig -InternalMailEnabled:$true -DomainController ad-server.example.com